Does Fortigate have any MAC Security features?

Hello

Sure!

FortiGate has a built in NAC, where you can specify MAC address in NAC policy.

https://docs.fortinet.com/document/fortigate/7.0.0/new-features/830632/nac

On the other hand FortiGate can use MAC addresses as address objects in your firewall rules if needed.

Hello

You can also configure sticky MAC address. Protect the switch and the whole network when combined with MAC-learning-limit against security attacks such as Layer 2 DoS and overflow attacks.

https://docs.fortinet.com/document/fortigate/6.2.0/new-features/485133/mac-address-based-policies

Regards

Verender

Hi, you can create MAC address filter at the FortiGate, take a look at the article reference given below;

https://community.fortinet.com/t5/FortiGate/Technical-Tip-how-to-create-the-MAC-address-filter-from-device/ta-p/195523

Hi jefazo92,

not sure if it applies to your environment but you might also be interested in MAC address check for remote hosts connecting through sslvpn. 

Aside from OS and Host check, FortiGate can also perform a MAC address check on the remote host.

https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/32970/configuring-os-and-host-check

Regards